Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A method comprising: identifying each virtual machine in a set of virtual machines managed by a virtual machine manager; determining, for each virtual machine in the set, whether the respective virtual machine is online, wherein a first subset is determined to be offline and a second subset is determined to be online; collecting, for each virtual machine in the first subset, a machine image of the virtual machine via the virtual machine manager; causing a security tool authenticated by the virtual machine manager to assess security of each virtual machine in the first subset from the collected machine images; loading a respective agent, via an application programming interface (API) of the virtual machine manager, on each virtual machine in the second subset, wherein each agent comprises logic to perform one or more security assessments within the corresponding online virtual machine and the API permits selective access to firewalled protected virtualized resources in the second subset of virtual machines; and using the agents loaded on the virtual machines in the second subset to assess security of the corresponding virtual machines.
The system assesses the security of virtual machines (VMs) managed by a virtual machine manager. It identifies all VMs and determines which are online and which are offline. For offline VMs, it collects a machine image via the virtual machine manager. A security tool, authenticated by the virtual machine manager, then analyzes these images to assess the security of the offline VMs. For online VMs, the system loads a security agent onto each VM via the virtual machine manager's API. These agents perform security assessments within their respective VMs, accessing protected resources if needed. Finally, the system uses the data from these agents to evaluate the security of the online VMs.
2. The method of claim 1, wherein identifying each virtual machine includes: sending a query to the virtual machine manager for information for the set of virtual machines; and receiving identification data, from the virtual machine manager, identifying each virtual machine in the set of virtual machines in response to the query.
The system identifies virtual machines (VMs) by sending a query to the virtual machine manager requesting information about the set of VMs. The virtual machine manager responds with identification data listing each VM.
3. The method of claim 2, wherein the identification data includes identification, for each virtual machine in the set of virtual machines, of whether the virtual machine is online.
The virtual machine manager provides identification data, including information on whether each virtual machine is online or offline, when the system queries it for information about all the VMs.
4. The method of claim 2, wherein at least one of the query or identification data is communicated over an API of the virtual machine manager.
At least one of the query to the virtual machine manager or the response from the virtual machine manager is communicated over an API of the virtual machine manager.
5. The method of claim 1, wherein the machine images of offline virtual machines in the set are sent via an API of the virtual machine manager.
The system collects machine images of offline virtual machines via an API of the virtual machine manager.
6. The method of claim 1, further comprising collecting result data reporting results of the security assessment of the at least one online virtual machine, wherein the result data is collected from the agent over the API of the virtual machine manager.
The system collects result data from the security assessment of online virtual machines from the agent over the API of the virtual machine manager.
7. The method of claim 1, wherein the agent is removed automatically at conclusion of the security assessment of the at least one online virtual machine.
The security agent is automatically removed from the online virtual machine at the conclusion of the security assessment.
8. The method of claim 1, wherein the set is a subset of the plurality of virtual machines managed by the virtual machine manager and the set comprises less than all of the plurality of virtual machines.
The set of virtual machines to be assessed represents only a subset of the total VMs managed by the virtual machine manager, and comprises less than all VMs.
9. The method of claim 1, further comprising collecting result data from the security assessment of the offline virtual machines.
The system also collects result data from the security assessment of the offline virtual machines.
10. The method of claim 9, wherein the offline virtual machines include a plurality of offline virtual machines and the result data describes virtual-machine-specific security conditions for each of the plurality of offline virtual machines.
For multiple offline virtual machines, the collected result data describes virtual-machine-specific security conditions for each one.
11. The method of claim 10, further comprising generating a virtual-machine-specific report for each of the plurality of offline virtual machines based at least in part on collected result data.
The system generates a virtual-machine-specific report for each offline virtual machine based on the collected result data from the security assessment of the offline virtual machines which describes virtual-machine-specific security conditions.
12. The method of claim 1, wherein assessing security of the offline virtual machines from the collected images includes reading each image file to identify security characteristics of each virtual machine in the offline virtual machines.
Assessing the security of offline virtual machines involves reading each image file to identify security characteristics.
13. The method of claim 1, wherein assessing security of the offline virtual machines from the collected images further includes simulating operation of each offline virtual machine based on data in the corresponding image of the respective virtual machine.
Assessing the security of offline virtual machines from the collected images includes simulating operation of each offline virtual machine based on data in the corresponding image of the respective virtual machine.
14. The method of claim 1, wherein the plurality of virtual machines are firewalled.
The virtual machines being managed and assessed are protected by firewalls.
15. The method of claim 1, further comprising authenticating, at the virtual machine manager, a security assessment tool.
Before assessing security, the security assessment tool is authenticated by the virtual machine manager.
16. The method of claim 1, wherein the security assessment of the offline virtual machines includes remedying at least one of a security vulnerability or policy violation detected for a particular one of the offline virtual machines before the particular virtual machine resumes online operation.
The security assessment of the offline virtual machines includes fixing any detected security vulnerabilities or policy violations before the particular virtual machine resumes online operation.
17. The method of claim 1, wherein the logic comprises logic to perform scans of the corresponding virtual machine to determine characteristics indicating one or more vulnerabilities of the virtual machine.
The security agent's logic includes performing scans of the virtual machine to find characteristics that indicate vulnerabilities.
18. At least one non-transitory, machine-accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to: identify each virtual machine in a set of virtual machines managed by a particular virtual machine manager; determine, for each virtual machine in the set of virtual machines, whether the respective virtual machine is online, wherein a first subset is determined to be offline and a second subset is determined to be online; collect, for each virtual machine in the first subset, a machine image of the virtual machine via the particular virtual machine manager; cause a security tool authenticated by the virtual machine manager to assess security of each virtual machine in the first subset from the collected machine images; load, on each virtual machine in the second subset, a respective agent, via an application programming interface (API) of the virtual machine manager, wherein each agent comprises logic to perform one or more security assessments within the corresponding online virtual machine and the API permits selective access to firewalled protected virtualized resources in the second subset of virtual machines; and direct the agents loaded on the virtual machines in the second subset to assess security of the corresponding virtual machines.
A non-transitory computer-readable medium stores instructions that, when executed, cause a machine to identify virtual machines (VMs), determine their online status, collect images of offline VMs, assess offline VM security using the images with an authenticated security tool, load security agents onto online VMs via the virtual machine manager's API (allowing access to firewalled resources), and use those agents to assess the security of the online VMs. This system assesses the security of virtual machines (VMs) managed by a virtual machine manager.
19. A system comprising: at least one processor device; at least one memory element; and a security assessment module, adapted when executed by the at least one processor device to: identify each virtual machine in a set of virtual machines managed by a particular virtual machine manager; determine, for each virtual machine in the set of virtual machines, whether the respective virtual machine is online, wherein a first subset is determined to be offline and a second subset is determined to be online; collect, for each virtual machine in the first subset, a machine image of the virtual machine via the particular virtual machine manager; cause a security tool authenticated by the virtual machine manager to assess security of each virtual machine in the first subset from the collected machine images; load, via an API of the virtual machine manager, a respective agent, on each virtual machine in the second subset, wherein each agent comprises logic to perform one or more security assessments within the corresponding online virtual machine and the API permits selective access to firewalled protected virtualized resources in the second subset of virtual machines; and direct the agents loaded on the virtual machines in the second subset to assess security of the corresponding virtual machines.
The system comprises a processor, memory, and a security assessment module that identifies virtual machines (VMs) managed by a virtual machine manager, determines their online status, collects images of offline VMs, assesses offline VM security using the images with an authenticated security tool, loads security agents onto online VMs via the virtual machine manager's API (allowing access to firewalled resources), and uses those agents to assess the security of the online VMs.
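The assessment flow of claims 1 through 7, sketched as an added example that is not code from the patent or from any product: an authenticated tool lists the VMs, scans a copied image for each offline VM, and loads, runs and then removes an agent on each online VM. `MockVMManager`, its method names, the token, the agent name and the single `sshd_config` check are all hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

def check_config(files):
    """Constructed policy check used by both paths: flag root SSH login."""
    findings = []
    for line in files.get("/etc/ssh/sshd_config", "").splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[0].lower() == "permitrootlogin" and parts[1].lower() == "yes":
            findings.append("sshd: PermitRootLogin yes")
    return findings

@dataclass
class VM:
    vm_id: str
    online: bool
    files: dict                                   # stands in for disk contents
    agents: set = field(default_factory=set)

class MockVMManager:
    """Hypothetical stand-in for a VM manager API, not a real product's interface."""
    def __init__(self, vms, valid_tokens):
        self._vms = {vm.vm_id: vm for vm in vms}
        self._tokens = set(valid_tokens)

    def _auth(self, token):                       # claim 15: the tool must be authenticated
        if token not in self._tokens:
            raise PermissionError("security tool not authenticated")

    def list_vms(self, token):                    # claims 2-4: query, ids and online state
        self._auth(token)
        return [(vm.vm_id, vm.online) for vm in self._vms.values()]

    def get_image(self, token, vm_id):            # claim 5: image handed over via the API
        self._auth(token)
        vm = self._vms[vm_id]
        if vm.online:
            raise RuntimeError("image collection is for offline VMs only")
        return dict(vm.files)                     # a copy: the scan never touches the VM

    def load_agent(self, token, vm_id, name):
        self._auth(token)
        self._vms[vm_id].agents.add(name)

    def run_agent(self, token, vm_id, name):      # claim 6: results return over the API
        self._auth(token)
        vm = self._vms[vm_id]
        if name not in vm.agents:
            raise RuntimeError("agent not loaded")
        return check_config(vm.files)

    def remove_agent(self, token, vm_id, name):   # claim 7: agent removed afterwards
        self._auth(token)
        self._vms[vm_id].agents.discard(name)

    def agents_on(self, vm_id):
        return set(self._vms[vm_id].agents)

def assess_fleet(vmm, token, agent="assess-agent"):
    """Return {vm_id: {"mode": ..., "findings": [...]}} for every listed VM."""
    report = {}
    for vm_id, online in vmm.list_vms(token):
        if online:
            vmm.load_agent(token, vm_id, agent)
            try:
                findings = vmm.run_agent(token, vm_id, agent)
            finally:
                vmm.remove_agent(token, vm_id, agent)   # no agent left behind on failure
            report[vm_id] = {"mode": "agent", "findings": findings}
        else:
            report[vm_id] = {"mode": "image", "findings": check_config(vmm.get_image(token, vm_id))}
    return report

def demo_fleet():
    # Constructed sample fleet: one online VM, one offline VM with a weak setting.
    return MockVMManager([
        VM("vm-a", True, {"/etc/ssh/sshd_config": "PermitRootLogin no\n"}),
        VM("vm-b", False, {"/etc/ssh/sshd_config": "# base image\nPermitRootLogin yes\n"}),
    ], valid_tokens={"tool-token"})
```

Running `assess_fleet(demo_fleet(), "tool-token")` reports the offline VM's finding from its image alone, and the `try/finally` guarantees the online VM carries no residual agent even if the in-guest scan raises.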
September 30, 2014